Nowadays, many business processes run digitally, which is why legislators are placing increasingly high demands on IT security. As a CMP provider, we offer software that will ensure that legal requirements are fulfilled and that these requirements are met. It is all the more important to us that all legal requirements are verifiably met, even with regard to our own IT structure. Therefore, we would like to clarify the most important questions regarding our IT compliance in the following.
Which data is processed or stored on account of the Consent Management Platform?
We process two types of data:
Customer data = settings and login data
User Data = Consent Data (Consent ID, Consent Number, Time of Consent, Type of Consent (implicit or explicit), Opt-in or Opt-out, Banner Language, Customer Setting, Customer Setting Version, Template and Template Version) and Device Data (HTTP Agent, HTTP Referrer and Device ID)
Who owns the data?
The owner of the data is always the customer as the commissioning party (data controller). For processing according to the customer’s specifications, an order processing contract is always drawn up with Usercentrics (data processor)
Does Usercentrics use subcontractors to process the data?
For the purpose of hosting, Usercentrics uses the cloud server services provided by Google. (Google, Alphabet Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States or Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland for users from the EEA and Switzerland).
Where does the processing of data occur?
The processing and storage of customer and user consent data takes place in the Google Cloud. The processing entities are located in Frankfurt and the storage entities in Belgium. This includes the backups of the data, which also lie in the Google Cloud and within the EU.
How does the customer retrieve the data?
Upon request of the customer, a data export can be arranged. In order to do so, the data is exported to Google Buckets (Google Cloud Storage). After verifying if the person is authorised to access the data, a link is generated specifically in order to download this data.
When is the data deleted?
Data is deleted after a retention period of 3 years (latest status). Regardless of this period, a customer can request the deletion of the stored data at any time. Encrypted backup files in backups, however, remain unaffected by the above mentioned time frame in in order not to endanger the data integrity.
Who has access to the solution/data? By which measures is the access protected?
Access to customer data is managed by the customer him/herself. In addition, a restricted group of users receives administrative permission from Usercentrics, e.g. in order to be able to assist with support requests.
How does authentication for the customer take place when logging on to the cloud solution?
Authentication is always performed via user name and password. An additional two-factor authentication can be developed upon customer request. There are two variants for the login authentication: A Federated Login via Google or via the Auth0 authentication service.
How is the data transmitted and which encryption methods are employed?
The data transfer is carried out using HTTPS encryption (TLS 1.3). Data in idle mode is encrypted using AES256, with different codes used for each respective data packet.
Is there a concise, system and component representation, for a better understanding of the software solution?
How is data collected from various customers then separated from each other?
The customer-specific Settings ID is used to logically separate data from different customers in the databases. Data from different categories is stored in separate databases with individual access keys.
What happens if the service is interrupted?
In the event of a disruption, multi-stage automatisms intervene to restore the functionality of the system. If these mechanisms fail, an alarm message is forwarded to the next stage, which coordinates further measures.
Since the Usercentrics CMP runs via different services varying consequences can be expected depending on the type of system failure. For better visualization, we have outlined the possible scenarios: